Hallo, ich habe nun ein Client/Server-Programm von hier: http://msdn2.microsoft.com/en-us/library/ms737889.aspx
Ich habe den Code ein bisschen verändert: Den Aufruf von socket() habe ich durch WSASocket() ersetzt.
Jetzt bin ich an dem Punkt, an dem man CreateProcess() integrieren muss, und weiß nicht, wie ich fortfahren soll. Muss bei der Kommunikation nicht etwas gesendet/empfangen werden?
SERVER CODE
#include <winsock2.h>
#include <ws2tcpip.h>
#include <stdlib.h>
#include <stdio.h>
#pragma comment(lib, "Ws2_32.lib")
#define DEFAULT_BUFLEN 512
#define DEFAULT_PORT "112"
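/*
 * Single-connection TCP server skeleton (Winsock).
 *
 * Initializes Winsock, resolves a passive IPv4/TCP address for DEFAULT_PORT,
 * creates and binds a listening socket, accepts exactly one client, closes
 * the listener, then shuts down the send side of the client connection and
 * cleans up. No data is received from or sent to the client in this listing,
 * and no process is started.
 *
 * Returns 0 on success, 1 if any Winsock call fails (the failing call and
 * its error code are printed to stdout).
 */
int __cdecl main(void)
{
    WSADATA wsaData;
    SOCKET ListenSocket = INVALID_SOCKET;
    SOCKET ClientSocket = INVALID_SOCKET;
    struct addrinfo *result = NULL;
    struct addrinfo hints;
    int iResult;

    // Initialize Winsock (request version 2.2)
    iResult = WSAStartup(MAKEWORD(2, 2), &wsaData);
    if (iResult != 0) {
        printf("WSAStartup failed: %d\n", iResult);
        return 1;
    }

    ZeroMemory(&hints, sizeof(hints));
    hints.ai_family = AF_INET;
    hints.ai_socktype = SOCK_STREAM;
    hints.ai_protocol = IPPROTO_TCP;
    hints.ai_flags = AI_PASSIVE;

    // Resolve the server address and port.
    // NOTE(review): a NULL node name together with AI_PASSIVE resolves to the
    // wildcard address, so the listener is reachable on every local
    // interface. If only local clients are expected, resolve a loopback
    // address here instead.
    iResult = getaddrinfo(NULL, DEFAULT_PORT, &hints, &result);
    if (iResult != 0) {
        printf("getaddrinfo failed: %d\n", iResult);
        WSACleanup();
        return 1;
    }

    // Create the listening socket. The tutorial line
    //   socket(result->ai_family, result->ai_socktype, result->ai_protocol)
    // was replaced with WSASocket() by the author. Family, type and protocol
    // are taken from the resolved entry so the socket always matches the
    // address handed to bind() below; no protocol info, group or flags are
    // passed.
    ListenSocket = WSASocket(result->ai_family, result->ai_socktype,
                             result->ai_protocol, NULL, 0, 0);
    if (ListenSocket == INVALID_SOCKET) {
        // WSAGetLastError() returns int, so %d is the matching specifier.
        printf("socket failed: %d\n", WSAGetLastError());
        freeaddrinfo(result);
        WSACleanup();
        return 1;
    }

    // Set up the TCP listening socket
    iResult = bind(ListenSocket, result->ai_addr, (int)result->ai_addrlen);
    if (iResult == SOCKET_ERROR) {
        printf("bind failed: %d\n", WSAGetLastError());
        freeaddrinfo(result);
        closesocket(ListenSocket);
        WSACleanup();
        return 1;
    }

    // The resolved address list is not needed once bind() has succeeded.
    freeaddrinfo(result);

    iResult = listen(ListenSocket, SOMAXCONN);
    if (iResult == SOCKET_ERROR) {
        printf("listen failed: %d\n", WSAGetLastError());
        closesocket(ListenSocket);
        WSACleanup();
        return 1;
    }

    // Accept a single client; the peer address is not retrieved.
    ClientSocket = accept(ListenSocket, NULL, NULL);
    if (ClientSocket == INVALID_SOCKET) {
        printf("accept failed: %d\n", WSAGetLastError());
        closesocket(ListenSocket);
        WSACleanup();
        return 1;
    }

    // No longer need the server socket: only one connection is served.
    closesocket(ListenSocket);

    /*
     * Author's open question: does CreateProcess() belong here?
     *
     * NOTE(review): at this point the peer has not been identified in any
     * way -- accept() was called without retrieving the peer address and no
     * bytes have been exchanged. Anything started on behalf of this
     * connection would run with this server's privileges for whoever
     * connected first, so peer authentication and an interface restriction
     * need to be in place before any such step is added.
     */

    // Shut down the sending side of the connection since we're done
    iResult = shutdown(ClientSocket, SD_SEND);
    if (iResult == SOCKET_ERROR) {
        printf("shutdown failed: %d\n", WSAGetLastError());
        closesocket(ClientSocket);
        WSACleanup();
        return 1;
    }

    // Cleanup
    closesocket(ClientSocket);
    WSACleanup();
    return 0;
}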
[EDIT]
Wo genau kommt nun der Teil mit CreateProcess() hin – in den Client- oder in den Server-Code?
Kann ich den CreateProcess()-Teil von der Reverse Shell übernehmen?
Ich bitte um Hilfe.